Using WiFi at work with VPN, can my employer see what I'm doing?

I have an Asus router at home and use it as a VPN server (OpenVPN). My MacBook connects to the internet via Tunnelblick, and on my mobile I use OpenVPN Connect.

What exactly does my employer know about me? Can he see how much time I waste on reddit etc.?

(If they’re checking, and if you have everything configured correctly) They can infer you’re using a VPN since all your traffic is going to one IP, but they can’t see at all what you are doing. They could also watch the bandwidth you’re using and possibly infer if you’re downloading, streaming video, etc. but, again, would know nothing specific about the content, what websites, etc.

As a corporate IT guy I can tell you that we’re only interested in you if you’re using a ton of resources and we’re getting complaints because of it, or your management has already decided to fire you and they come to us looking for an excuse. The IT department is (usually) never the primary reason for getting fired or in trouble, we’re just the best source of documentation management uses after they’ve decided to get rid of you, usually for reasons that have wholly nothing to do with your work performance.

This may not be the answer you are looking for, but I generally consider it a good rule of thumb not to do anything at work that you should not be doing, including circumventing the company's IT policy.

Have a look at the FlashRouter dual router setups. They allow you to have the best of both worlds - you can select which devices use the VPN and which use your unencrypted ISP.

Short answer is no. If, however, you’re on a workstation with monitoring software that supports keylogging, then they will be able to get a better picture of what you’re doing.

No, since all of your traffic will be through the VPN server in question, and no one can see what you’re doing. What amps up the security is if your VPN is logless.

All he will know is the bandwidth, but that shouldn’t be much of a problem, would it?

(basically what @brett88 said.)

It really depends on the monitoring software they have installed on your client. They could easily be taking screenshots at defined intervals (particularly if you are doing something suspicious like using a VPN).

Example: https://screenshotmonitor.com/

When I find people hitting a single IP with SSL all day long and it’s a lot of traffic, I just throttle their device down to 128k.

Second this. The main concern of your employer (if they are checking) will be the bandwidth allocation across the board. General browsing should be fine in any instance but could boil down to how much current employees actually use. If you’re one of a few then chances are you stick out like a sore thumb. So maybe worth asking around and seeing if anyone else is ‘Working Hard’ on reddit!

Cool, that’s what I was hoping for!

if you have everything configured correct

Is there a way to find out? (without risking my job!)

What if they make you install a cert-based WiFi connection? Couldn’t they man-in-the-middle you? (My understanding is a lot of companies do this to 1. secure WiFi and 2. enable deep packet inspection so they can figure out if something illegal is going on.)

we’re just the best source of documentation management uses after they’ve decided to get rid of you

Exactly. And would my setup make it impossible (or at least difficult) to support management’s decision?

One can still make up a story, why there was plenty of traffic (e.g. camera at home that sends a stream to my phone when it detects motion. And sometimes my dog was just running all around the place.)

I am fully aware of that 🙂

So, it’s probably better to reddit on mobile then.

That makes sense. Thank you!

The main concern would be leakage. Check out IPLeak.net and DNS leak check. Both of these are in the sidebar.

If your connection leaks DNS then they would be able to see what webpages you are visiting.

If you’re worried about risking your job you shouldn’t be using a VPN unless you need it for work.

The stuff in the sidebar should be adequate.

Certs used to connect to WiFi are generally used for authentication only, and not man in the middle type inspection.

If your company is using layer 7 inspection they likely installed their cert in your trusted root store before you even got your computer.
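
Added example, not part of the thread: the DNS-leak concern raised above can also be checked locally on the MacBook by looking at which resolvers macOS is actually using. This Python code parses `scutil --dns` output (the sample below is constructed) and flags any nameserver that is outside the VPN subnet or bound to a non-tunnel interface. The `10.8.0.0/24` subnet and the `utun` interface prefix are assumptions; adjust them to the home router's OpenVPN settings.

```python
import ipaddress
import re

# Constructed sample of macOS `scutil --dns` output (not from a real host).
SAMPLE_SCUTIL = """\
DNS configuration

resolver #1
  nameserver[0] : 10.8.0.1
  if_index : 14 (utun2)
  reach    : 0x00000002 (Reachable)

resolver #2
  nameserver[0] : 172.16.40.53
  if_index : 6 (en0)
  reach    : 0x00020002 (Reachable,Directly Reachable Address)
"""

NS_RE = re.compile(r"^\s*nameserver\[\d+\]\s*:\s*(\S+)")
IF_RE = re.compile(r"^\s*if_index\s*:\s*\d+\s*\((\w+)\)")

def parse_resolvers(text):
    """Return unique (nameserver, interface) pairs in order of appearance."""
    blocks, cur = [], None
    for line in text.splitlines():
        if line.startswith("resolver #"):
            cur = {"servers": [], "iface": None}
            blocks.append(cur)
        elif cur is not None and (m := NS_RE.match(line)):
            cur["servers"].append(m.group(1))
        elif cur is not None and (m := IF_RE.match(line)):
            cur["iface"] = m.group(1)
    pairs = [(s, b["iface"]) for b in blocks for s in b["servers"]]
    return list(dict.fromkeys(pairs))  # scoped sections repeat resolvers

def find_leaks(text, vpn_subnet="10.8.0.0/24", tunnel_prefix="utun"):
    """Resolvers outside the VPN subnet or bound to a non-tunnel interface."""
    net = ipaddress.ip_network(vpn_subnet)  # assumed tunnel subnet
    leaks = []
    for server, iface in parse_resolvers(text):
        try:
            inside = ipaddress.ip_address(server) in net
        except ValueError:  # unparseable address: treat as suspect
            inside = False
        on_tunnel = iface is None or iface.startswith(tunnel_prefix)
        if not (inside and on_tunnel):
            leaks.append((server, iface))
    return leaks

if __name__ == "__main__":
    for server, iface in find_leaks(SAMPLE_SCUTIL):
        print(f"possible DNS leak: {server} via {iface}")
```

To run it against a live machine, pass the text from `scutil --dns` (captured while the tunnel is up) to `find_leaks` instead of the sample.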